package com.xb.loan.admin.util;

import com.xb.loan.admin.Constants;
import com.xb.loan.admin.bean.system.OssOperator;
import com.xb.loan.admin.service.system.OperatorRoleService;
import com.xb.loan.admin.service.system.OperatorService;
import com.xb.loan.admin.service.system.RoleMenuService;
import com.xb.loan.util.log.DefaultLoggerFacotry;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;


/**
 * 登录处理类
 */
public class CenterRealm extends AuthorizingRealm {
    Logger logger = DefaultLoggerFacotry.getLogger(CenterRealm.class);
    @Autowired
    private OperatorService operatorService;
    
    @Autowired
    private OperatorRoleService operatorRoleService;
    
    @Autowired
    private RoleMenuService roleMenuService;
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String loginName = (String)principals.getPrimaryPrincipal();
        if(loginName==null)
            return null;
 
        Subject currentUser = SecurityUtils.getSubject();
        
        Session session = currentUser.getSession();
        SimpleAuthorizationInfo authorizationInfo=(SimpleAuthorizationInfo)session.getAttribute(Constants.SESSION_AUTHORIZATION_INFO);
        return authorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken=(UsernamePasswordToken)token;

        String loginName = usernamePasswordToken.getUsername();
        
        if(loginName==null)
            return null;
    
    
        
        OssOperator ossOperatorVO = operatorService.queryOperatorByLoginName(loginName);
        Subject currentUser = SecurityUtils.getSubject(); 	        
        Session session = currentUser.getSession();

        if(ossOperatorVO == null) {
            throw new UnknownAccountException();//没找到帐号
        }
         
        if(ossOperatorVO.getStatus()==  Constants.OperatorStatus.DISABLED.getCode()) {
            throw new DisabledAccountException(); //帐号不可用
            //TODO：添加帐号冻结异常
        }

        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
         SimpleAuthenticationInfo authenticationInfo =  new SimpleAuthenticationInfo(
                 loginName, //用户名
                 ossOperatorVO.getLoginPwd(), //密码
                 ByteSource.Util.bytes(loginName),//salt=
                getName()  //realm name
        ); 
 
        return authenticationInfo;
    }

    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

}
